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DETAILED ACTION 

1. This Action is in response to Application Number 10/055,407 received on 
2/26/2007. 

2. Claims 1-23 are presented for examination. 

3. The prosecution for this case has been transferred to another Examiner. All 
corresponding communications should be directed to Examiner's contact information, 
provided below. 

4. Applicant's arguments, see Appeal Brief, filed 2/6/2007, with respect to the 
rejection(s) of claim(s) 1-22 have been fully considered and are persuasive. Therefore, 
the rejection has been withdrawn. However, upon further consideration, a new 
ground(s) of rejection is made as provided below. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 22-23 are rejected under 35 U.S.C. 102(e) as being anticipated by Swift 
etal. (U.S. 7,113,994). 
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5. Regarding claim 22, Swift disclosed a system and method of proxy authentication 
in a secured network, in which a user first registers with a trusted security server proxy 
authorization information and identifies the proxy client and specifies the extent of proxy 
authority granted to the proxy client (Swift, col. 2, lines 30-35) and if the security server 
verifies that the request is within the proxy authority granted to the proxy client, the 
security server returns to the proxy client a data structure containing information 
recognizable by the target service to authenticate the proxy client for accessing the 
target service on behalf of the user (Swift, col. 2, lines 38-43). As shown in Fig. 2, the 
proxy client 74 uses the proxy authentication data 92, provided Trusted security server 
80, to access and use the target service 76. 

Therefore, Swift disclosed a method of controlling computer network access 
comprising: 

(a) initiating a communication session between a first computer and a second 
computer (Swift, Fig. 2, 84, proxy permission request); 

(b) receiving at the first computer from the second computer via the 
communication session an access configuration including a control setting for at least 
one communication protocol (Swift, Fig. 2, 90, proxy client receives proxy authentication 
data to access the target service); 

(c) monitoring data conveyed to or from a process running on the first computer 
based on the control setting (col. 5, lines 40-55, target service uses the authentication 
data for authenticating the proxy client when the proxy client attempts to access the 
target service); and 
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(d) controlling the data conveyed to or from the process based on the control 
setting (col. 5, lines 40-55, target service uses the authentication data for authenticating 
the proxy client when the proxy client attempts to access the target service). 

6. Regarding claim 23, Swift disclosed the limitations, substantially as claimed, as 
described in claim 22, including wherein the process instantiates another 
communication session; and the conveyance of data is controlled in connection with the 
other communication session (col. 5, lines 40-55, target service uses the authentication 
data for authenticating the proxy client when the proxy client attempts to access the 
target service). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-9, 13-21 are rejected under 35 U.S.C. 103(a) as being unpatentable 

over Swift et al (U.S. 7,11 3,994) in view of Caronni et al (U.S. 2006/0077977). 

7. Regarding claims 1 and 13, Swift disclosed a system and method of proxy 
authentication in a secured network, in which a user first registers with a trusted security 
server proxy authorization information and identifies the proxy client and specifies the 
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extent of proxy authority granted to the proxy client (Swift, col. 2, lines 30-35) and if the 
security server verifies that the request is within the proxy authority granted to the proxy 
client, the security server returns to the proxy client a data structure containing 
information recognizable by the target service to authenticate the proxy client for 
accessing the target service on behalf of the user (Swift, col. 2, lines 38-43). As shown 
in Fig. 2, the proxy client 74 uses the proxy authentication data 92, provided Trusted 
security server 80, to access and use the target service 76. 

Therefore, Swift disclosed a method for controlling computer network access, the 
method comprising the steps of: 

(c) initiating at the client computer a second communication session at the 
second network address (Swift, Fig. 2, 84, proxy permission request); 

(d) receiving at the client computer via the second communication session an 
access configuration including a control setting for at least one communication protocol 
capable of being utilized during a third communication session (Swift, Fig. 2, 90, proxy 
client receives proxy authentication data to access the target service); 

(e) instantiating on the client computer a process which initiates a third 
communication session at a third network address (Swift, Fig. 2, 92, proxy client sends 
connection request to target service using the proxy authentication data); and 

(f) in connection with the third communication session, controlling the 
conveyance of data at least one of (i) to and (ii) from the process instantiated on the 
client computer based on the control setting for the one communication protocol (col. 5, 
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lines 40-55, target service uses the authentication data for authenticating the proxy 
client when the proxy client attempts to access the target service). 

Swift disclosed the internet client to initiate communication with the trusted 
secure server (Fig. 2, 84). 

However, Swift did not provide the detail as to how the internet client became 
aware of the trusted secure server's presence on the network [i.e. (a) initiating at a 
client computer a first communication session at a first network address; and (b) 
receiving at the client computer via the first communication session a second network 
address]. 

This would have motivated one of ordinary to search the prior art for well-known 
techniques for discovering devices or obtaining addresses of devices on the network. 

In an analogous art of networking, Caronni disclosed a system and method 
where a web client 1 102 obtains an address to a web serverl 104 from computer 
system 1106 (Caronni, Fig. 11, [0079]). 

Caronni provides a method for obtaining an address of a device by obtaining the 
address from computer system whose address is already known by the Internet client. 
As such, Caronni provides teaching that includes a technique for finding the address of 
a device. 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
the invention was made for the internet client of Swift to use the teachings of Caronni in 
order to obtain an address of a secure server before initial communication with the 
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secure server in order to learn of the secure server's existence to be able to use the 
services of the secure server. 

Claim 13 includes limitations that are substantially similar to claim 1 . Therefore 
claim 13 is rejected under the same rationale. 

8. Regarding claims 2 and 19, Swift and Caronni disclosed the limitations, 
substantially as claimed, as described in claims 1 and 13, including wherein: 

the access configuration includes a list related to the control setting for the one 
communication protocol and the conveyance of data via the third communication 
session is controlled based on the list (Swift, col. 5, lines 14-20, the authorization data 
may specify which services the proxy client is allowed to access on the user's behalf; 
lines 45-50, the data structure may be in the form of capabilities). 

9. Regarding claim 3, Swift and Caronni disclosed the limitations, substantially as 
claimed, as described in claim 1 . Swift also provided examples of services to include 
secure file access (Swift, col. 1 , lines 25-30). 

Swift did not provide a specific type of secure file access [i.e. World Wide Web 
(Web); file transfer protocol (FTP); E-mail; News; Chat; Instant Messaging; Telnet; and 
Peer-to-Peer]. 

This would have motivated one of ordinary skill in the art to search the prior art 
for standard types of secure file access. It was well known in the art at the time the 
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invention was made that protocols such as World Wide Web and file transfer protocol 
include secure file access. 

Examiner takes Official Notice (see MPEP § 2144.03) that World Wide Web and 
file transfer protocol were well known types of secure file access in the art at the time 
the invention was made. Therefore, it would have been obvious for one of ordinary skill 
in the art at the time the invention was made to use the World Wide Web and file 
transfer protocol as the protocol in Swift for the benefit of using a standard protocol that 
is already used by the public without having to reinvent the wheel. 

The Applicant is entitled to traverse any/all official notice taken in this action 
according to MPEP § 2144.03, namely, "if applicant traverses such an assertion, the 
examiner should cite a reference in support of his or her position". However, MPEP § 
2144.03 further states "See also In re Boon, 439 F.2d 724, 169 USPQ 231 (CCPA 
1971) (a challenge to the taking of judicial notice must contain adequate information or 
argument to create on its face a reasonable doubt regarding the circumstances 
justifying the judicial notice)." Specifically, In re Boon, 169 USPQ 231, 234 states "as 
we held in Ahlert, an applicant must be given the opportunity to challenge either the 
correctness of the fact asserted or the notoriety or repute of the reference cited in 
support of the assertion. We did not mean to imply by this statement that a bald 
challenge, with nothing more, would be all that was needed". Further note that 37 CFR 
§ 1.671(c)(3) states "Judicial notice means official notice". Thus, a traversal by the 
Applicant that is merely "a bald challenge, with nothing more" will be given very little 
weight. 
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10. Regarding claim 4, Swift and Caronni disclosed the limitations, substantially as 
claimed, as described in claim 1, including wherein the control setting is one of: 

unrestricted computer network access (Allow All); 
no computer network access (Block All); 

limited computer network access to network addresses included in an allow list 
(Allow Listed); and 

unrestricted computer network access except to network addresses included in a 
block list (Block Listed) (Swift, col. 5, lines 14-20, the authorization data may specify 
which services the proxy client is allowed to access on the user's behalf; lines 45-50, 
the data structure may be in the form of capabilities). 

11. Regarding claims 5 and 16, Swift and Caronni disclosed the limitations, 
substantially as claimed, as described in claims 1 and 13, including wherein: 

the access configuration further includes at least one of the following global 
control settings: 

access prohibited to conveyed data including a predetermined word or phrase; 

access prohibited to data of at least one predetermined data type; 

access prohibited to data conveyed during at least one of a predetermined time 
and day-of-week; and 

access prohibited based on a rating for a category included with the conveyed 
data; and step (f) further includes the step of controlling the conveyance of data at least 
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one of (i) to and (ii) from the process instantiated on the client computer based on the at 
least one global control setting (Swift, col. 8, line 16). 

12. Regarding claim 6, Swift and Caronni disclosed the limitations, substantially as 
claimed, as described in claim 5. Swift and Caronni did not explicitly state wherein the 
at least one predetermined data type includes an Internet cookie. 

Examiner takes Official Notice (see MPEP § 2144.03) that using cookies to 
determine access permissions for clients in a network was well known in the art at the 
time the invention was made. 

13. Regarding claims 7 and 15, Swift and Caronni disclosed the limitations, 
substantially as claimed, as described in claims 1 and 13. Swift and Caronni did not 
explicitly state further including at least one of: after step (b), the step of terminating the 
first communication session; and after step (d), the step of terminating the second 
communication session. 

However, it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to end these sessions since the requested data was provided 
(i.e. the computer system of Caronni provides an address, and the secure server of 
Swift provides the authorization data). 

Therefore, it would have been obvious for one of ordinary skill in the art at the 
time the invention was made to end the sessions since the requested data was provided 
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and there is no longer any need to continue communication with these devices, for the 
benefit of freeing up communication ports for reuse. 

14. Regarding claims 8 and 18, Swift and Caronni disclosed the limitations, 
substantially as claimed, as described in claims 1 and 13. Swift and Caronni did not 
explicitly state transmitting from the client computer via the second communication 
session a request to receive another access configuration including a control setting for 
the one communication protocol; 

receiving at the client computer via the second communication session the other 
access configuration; 

and performing step (f) based on the control setting included in the other access 
configuration. 

However, it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to repeat the steps in Swift and Caronni in order to obtain 
authorization for other target services. 

15. Regarding claims 9 and 21, Swift and Caronni disclosed the limitations, 
substantially as claimed, as described in claims 1 and 13. Swift and Caronni did not 
explicitly state wherein step (f) further includes the steps of: determining from the 
conveyed data the communication protocol thereof, and determining from the thus 
determined communication protocol the control setting therefor. However, it would have 
been obvious to one of ordinary skill in the art that when a communication is received 
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and understood, the protocol must be determined, otherwise, the communication would 
fail. It would have also been obvious that the target service must determine the access 
permissions of the proxy client, otherwise there would be no reason for the proxy client 
to retrieve these permissions in the first place. 

16. Regarding claim 14, Swift and Caronni disclosed the limitations, substantially as 
claimed, as described in claim 13, including wherein the first and second server 
computers are the same server computer (Swift, Fig. 2, 80). 

17. Regarding claim 17, Swift and Caronni disclosed the limitations, substantially as 
claimed, as described in claim 16, including wherein: prior to receipt of the access 
configuration at the client computer, the control setting for the one communication 
protocol is selected from a plurality of different control settings therefor; 

and each global control setting is selected nonexclusively of any other global control 
settings (Swift, col. 5, lines 40-55). 

18. Regarding claim 20, Swift and Caronni disclosed the limitations, substantially as 
claimed, as described in claim 19, including wherein the entry comprises a network 
address (Swift, col. 5, lines 15-20, proxy auth data identifies one or more clients). 
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Allowable Subject Matter 

Claims 10-12 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

Conclusion 

Examiner's Note: Examiner has cited particular columns and line numbers in 
the references applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings of the art and are 
applied to specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested from the applicant in preparing 
responses, to fully consider the references in entirety as potentially teaching all or part 
of the claimed invention, as well as the context of the passage as taught by the prior art 
or disclosed by the Examiner. 

In the case of amending the claimed invention, Applicant is respectfully 
requested to indicate the portion(s) of the specification which dictate(s) the structure 
relied on for proper interpretation and also to verify and ascertain the metes and bounds 
of the claimed invention. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to J. Bret Dennison whose telephone number is (571) 272- 
3910. The examiner can normally be reached on M-F 8:30am-5pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A Wiley can be reached on (571) 272-3923. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 



Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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